Jump to content

Tesseract

Members
  • Content Count

    10
  • Joined

  • Last visited

Community Reputation

0 Neutral

About Tesseract

  • Rank
    Member

Recent Profile Visitors

305 profile views
  1. Tesseract

    Report Ends With "Parsing Header:"

    I don't think there's really anything more to learn from them at this point, as it's the same behaviour documented earlier in the thread with the same type of invalid hostname in the messages. But here are two from today: https://www.spamcop.net/sc?id=z6558374359zf6c6bc297b1bf5ec039668d1d2ea7f81z https://www.spamcop.net/sc?id=z6558374020zba4d5b7c0c1112bc566769c280cda976z
  2. Tesseract

    Report Ends With "Parsing Header:"

    Meanwhile, nearly all the spam that makes it into my inbox is now of this variety.
  3. Tesseract

    Report Ends With "Parsing Header:"

    Sure, here you go: https://www.spamcop.net/sc?id=z6545317828zc1d3eb3c90dba4ddb2914565fe8e6670z https://www.spamcop.net/sc?id=z6545318251ze1faf58f3225047c10340689918d5169z https://www.spamcop.net/sc?id=z6545409098z16a4a69219a64d0a10d0585d38e310dcz Apart from all being variations of the same message, the common factor seems to be an invalid hostname in the "by" field of the final Received line, as noticed earlier in the thread. E.g. .MpZLHMzHGsR6NQ@cpcloud.co.uk (an invalid hostname both for starting with . and for containing @)
  4. Tesseract

    Report Ends With "Parsing Header:"

    I received 3 pieces of spam today that broke SpamCop like this. Here's one: https://www.spamcop.net/sc?id=z6545317169z5c4be98b29b2c765f89119bfce136732z Very irritating, hope it can be fixed soon.
  5. After many months of not seeing this problem, it seems to be back. Tracking URL The headers added by my machines, sourceforge, and smtp2.aruba.it are fine, but prior to that something added a ridiculous Received: line with no semicolon and no date: Received: by simscan 1.1.0 ppid: 4219, pid: 4225, t: 0.0150s scanners: clamav: 0.80/m:29/d:680
  6. Yes, that's what I thought too. AFAICT, the third Received header is the last one that can be trusted, but SpamCop seems to trust the relaying site for some reason, and that seems to be making it trust the last Received line, which is probably spoofed and uses an invalid date format.
  7. Is this an example of the same problem, or something else? http://www.spamcop.net/sc?id=z976884779z6f...599942ba2df7afz
  8. Tesseract

    E-Mail spam submittals blocked by your ISP

    It is entirely possible that iiNet has changed something recently. I no longer submit spam through their servers. A couple of months back, though, the only spam that made it through was the stuff that wasn't tagged on the way in.
  9. Tesseract

    E-Mail spam submittals blocked by your ISP

    Hmm, I think I'll stick with Postfix for now.
  10. Tesseract

    E-Mail spam submittals blocked by your ISP

    You can add iiNet to the list. The normal customer service representatives don't seem to know anything about it, but I managed to contact the guy in charge of their mail systems through the whirlpool forums. He told me that they are running Brightmail on outgoing mail and silently deleting spammy-looking messages, which of course makes forwarding spam impossible. Their reasoning is that being blacklisted hurts their customers more than losing the occasional legitimate message. He also told me that he is investigating ways to make the SMTP server give a 550 reply for spammy-looking messages, instead of happily accepting them but then failing to either deliver them or generate a bounce. Apparently it's difficult because Brightmail can't look at messages before the SMTP conversation is finished. My current workaround is to run my own mail server, which works for SpamCop submissions, but still has to relay through iiNet's server for a lot of sites which reject mail from all dynamic IPs. I enquired about getting iiNet's server to whitelist certain recipient addresses and/or subdomains, but haven't received a reply yet.
×